* Exact version Probing (the scanner can tell whether a target is running version 1.5.9)

+

* Exact version Probing (the scanner can tell whether a target is running version 1.5.12)

+

* Common Joomla! based web application firewall detection

* Searching known vulnerabilities of Joomla! and its components

* Searching known vulnerabilities of Joomla! and its components

* Reporting to Text & HTML output

* Reporting to Text & HTML output

Line 27:

Line 28:

* Detect the application version when a generic scanner knows nothing

* Detect the application version when a generic scanner knows nothing

* Detect all possible published vulnerabilities when a generic scanner cannot

* Detect all possible published vulnerabilities when a generic scanner cannot

+

+

== Requirement ==

+

+

* Perl 5.6 or up

== Usage Instructions ==

== Usage Instructions ==

Revision as of 17:05, 20 August 2009

Main

Overview

Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few.So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity.It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated only one CMS.

Downloads

Current Features

Exact version Probing (the scanner can tell whether a target is running version 1.5.12)

Common Joomla! based web application firewall detection

Searching known vulnerabilities of Joomla! and its components

Reporting to Text & HTML output

Immediate update capability via scanner or svn

Advantage over a Generic Vulnerability Scanner

Faster because it won't fuzz all requests like a generic scanner

Detect the application version when a generic scanner knows nothing

Detect all possible published vulnerabilities when a generic scanner cannot

Requirement

Perl 5.6 or up

Usage Instructions

Click here for documentation regarding the use of the OWASP Joomla Vulnerability Scanner.

Road Map

Click here to view the road map for the latest development version of OWASP Joomla Vulnerability Scanner. Please feel free to add your own change requests or send me patches/diffs!

Feedback and Participation

We hope you find OWASP Joomla Vulnerability Scanner useful. Please contribute back to the project by sending your comments, questions, and suggestions to joomscan[@]yehg.net. Thank you.

Donations

The Open Web Application Security Project is purely an open-source community driven effort. As such, all projects and research efforts are contributed and maintained with an individual's spare time. If you have found this or any other project useful, please support OWASP with a donation.